Hi,

Last week I discovered an issue with recursor v3.2. It appears to return a malformed answer to the client in case the data (incl. additional data) exceeds the 65536 maximum (2 bytes length field).

An example real-life lookup which has this issue as a result is MX of auinmeio.com.br.

When asking one of the authoritative servers, dig yields (note ANSWER, ADDITIONAL and MSG SIZE):

[thor@tns125 named]$ dig -t MX auinmeio.com.br @ns1.auinmeio.com.br
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t MX auinmeio.com.br @ns1.auinmeio.com.br
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25661
;; flags: qr aa rd; QUERY: 1, ANSWER: 1569, AUTHORITY: 6, ADDITIONAL: 1376

;; QUESTION SECTION:
;auinmeio.com.br. IN MX

<snip>

;; Query time: 765 msec
;; SERVER: 65.98.112.162#53(65.98.112.162)
;; WHEN: Mon Apr 11 16:16:25 2011
;; MSG SIZE rcvd: 65531

When asking powerdns v3.3, dig yields (note ANSWER, ADDITIONAL and MSG SIZE):

[thor@tns125 named]$ dig -t MX auinmeio.com.br @195.130.158.234
;; Truncated, retrying in TCP mode.
;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> -t MX auinmeio.com.br @195.130.158.234
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11531
;; flags: qr rd ra; QUERY: 1, ANSWER: 1569, AUTHORITY: 0, ADDITIONAL: 1569

;; QUESTION SECTION:
;auinmeio.com.br. IN MX

<snip>

;; Query time: 63 msec
;; SERVER: 195.130.158.234#53(195.130.158.234)
;; WHEN: Mon Apr 11 16:19:00 2011
;; MSG SIZE rcvd: 4427

From a packet trace, I see that the UDP answer is correct with 20 MX answered in a truncated response. The client then asks the same question via TCP:

Domain Name System (query)
    [Response In: 8]
    Length: 33
    Transaction ID: 0x2648
    Flags: 0x0100 (Standard query)
        0... .... .... .... = Response: Message is a query
        .000 0... .... .... = Opcode: Standard query (0)
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... .0.. .... = Z: reserved (0)
        .... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
    Questions: 1
    Answer RRs: 0
    Authority RRs: 0
    Additional RRs: 0
    Queries
        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)

And then powerdns answers with:

Domain Name System (response)
    [Request In: 6]
    [Time: 0.055456000 seconds]
    Length: 4465
    Transaction ID: 0x2648
    Flags: 0x8180 (Standard query response, No error)
        1... .... .... .... = Response: Message is a response
        .000 0... .... .... = Opcode: Standard query (0)
        .... .0.. .... .... = Authoritative: Server is not an authority for domain
        .... ..0. .... .... = Truncated: Message is not truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... 1... .... = Recursion available: Server can do recursive queries
        .... .... .0.. .... = Z: reserved (0)
        .... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
        .... .... .... 0000 = Reply code: No error (0)
    Questions: 1
    Answer RRs: 1569
    Authority RRs: 0
    Additional RRs: 1569
    Queries
        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
    Answers
        auinmeio.com.br: type MX, class IN, preference 0, mx pm02-58.auinmeio.com.br
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
            Time to live: 1 minute, 25 seconds
            Data length: 12
            Preference: 0
            Mail exchange: pm02-58.auinmeio.com.br

<snip>

        auinmeio.com.br: type MX, class IN
            Name: auinmeio.com.br
            Type: MX (Mail exchange)
            Class: IN (0x0001)
            Time to live: 1 minute, 25 seconds
            Data length: 12
[Malformed Packet: DNS]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Message: Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]
[Malformed Packet: DNS]
    [Expert Info (Error/Malformed): Malformed Packet (Exception occurred)]
        [Message: Malformed Packet (Exception occurred)]
        [Severity level: Error]
        [Group: Malformed]

Domain Name System (query)
    Length: 1889
    Transaction ID: 0x6c35
    Flags: 0x372d (Unknown operation)
        0... .... .... .... = Response: Message is a query
        .011 0... .... .... = Opcode: Unknown (6)
        .... ..1. .... .... = Truncated: Message is truncated
        .... ...1 .... .... = Recursion desired: Do query recursively
        .... .... .0.. .... = Z: reserved (0)
        .... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
    Questions: 12345
    Answer RRs: 49164
    Authority RRs: 49164
    Additional RRs: 15
    Queries
        <Root>: type Unknown (256), class Unknown (0)
            Name: <Root>
            Type: Unknown (256)
            Class: Unknown (0x0000)
        <Unknown extended label>: type PTR, class Unknown (0)
            Name: <Unknown extended label>
            Type: PTR (Domain name pointer)
            Class: Unknown (0x0000)
        al96-01: type Unknown (49164), class Unknown (15)
            Name: al96-01
            Type: Unknown (49164)
            Class: Unknown (0x000f)
        <Root>: type Unknown (256), class Unknown (0)
            Name: <Root>
            Type: Unknown (256)
            Class: Unknown (0x0000)

Did anybody encounter the same issue? Is this a known bug? Any resolution or work-around?

Regards,
Thor.
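
Added example (not part of the original post, and not PowerDNS code): a Python sketch of DNS-over-TCP framing with a sender-side size guard and a receiver-side check that every record the header declares actually lies inside the frame, which is the mismatch visible in the trace above. The sample response, the name example.test and all function names are constructed for illustration.

```python
import struct

def build_mx_response(qname, n):
    """Constructed sample: n MX answers whose owner names are compressed to offset 12."""
    labels = b"".join(bytes([len(l)]) + l.encode() for l in qname.split("."))
    msg = struct.pack("!6H", 0x2648, 0x8180, 1, n, 0, 0) + labels + b"\x00" + struct.pack("!2H", 15, 1)
    for i in range(n):
        rdata = struct.pack("!H", 0) + b"\x06" + b"mx%04d" % i + b"\xc0\x0c"
        msg += b"\xc0\x0c" + struct.pack("!2HIH", 15, 1, 85, len(rdata)) + rdata
    return msg

def frame(msg):
    """Sender-side guard: the TCP length prefix is 16 bits, so refuse what it cannot describe."""
    if len(msg) > 0xFFFF:
        raise ValueError("DNS message of %d bytes does not fit a 2-byte length prefix" % len(msg))
    return struct.pack("!H", len(msg)) + msg

def split_frames(stream):
    # Receiver side: cut the byte stream wherever the 2-byte prefixes say, as a client would.
    frames, pos = [], 0
    while pos + 2 <= len(stream):
        (n,) = struct.unpack_from("!H", stream, pos)
        frames.append(stream[pos + 2:pos + 2 + n])
        pos += 2 + n
    return frames

def skip_name(buf, pos):
    while True:
        length = buf[pos]               # IndexError here means the name runs off the frame
        if length & 0xC0 == 0xC0:       # compression pointer: two bytes, ends the name
            return pos + 2
        if length == 0:                 # root label ends the name
            return pos + 1
        pos += 1 + length

def frame_is_consistent(buf):
    """True only if all records counted in the header fit exactly inside this frame."""
    try:
        _, _, qd, an, ns, ar = struct.unpack_from("!6H", buf, 0)
        pos = 12
        for _ in range(qd):
            pos = skip_name(buf, pos) + 4            # QTYPE + QCLASS
        for _ in range(an + ns + ar):
            pos = skip_name(buf, pos)
            (rdlen,) = struct.unpack_from("!H", buf, pos + 8)
            pos += 10 + rdlen                        # TYPE, CLASS, TTL, RDLENGTH, RDATA
        return pos == len(buf)
    except (IndexError, struct.error):
        return False
```

Running `frame_is_consistent` over each frame of a reassembled TCP stream flags a response whose counts promise more records than the frame carries; `frame` shows the point at which a server has to trim the response instead of sending it.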